Using remote Disk Management through SP2's firewall

Discussion in 'OT Technology' started by Supernaut, Oct 13, 2004.

  1. Supernaut

    Supernaut New Member

    Has anybody managed to make this work? I've opened ports 445 and 135 for RPC, per MS's knowledgebase and other sources, but I still get an "RPC server unavailable" when attempting to connect to a remote machine's DM service. From my reading, this seems to be a common problem and currently the only workaround is to disable the firewall and enable it when finished. This is the only issue preventing me from deploying this corporation-wide.
     
  2. Scoob_13

    Scoob_13 Anything is possible, but the odds are astronomica

    I would assume you would disable the firewall, do your work when finished, and then enable it.
     
  3. mdaniel

    mdaniel S is for Shiksa

    Yeah, he already said that and it's not practical on an enterprise level. May as well just walk to every machine and right click, manage My Computer.
     
  4. EvilSS

    EvilSS New Member

    Don't deploy Windows Firewall in an enterprise. You have to open up so much stuff it becomes worthless.
     
  5. mdaniel

    mdaniel S is for Shiksa

    Is there a group policy you can set to disable it since SP2 will default to enabling it when you install?
     
  6. Supernaut

    Supernaut New Member

    Yeah, it can be disabled via GP but it would be nice to have it enabled to prevent virus propagation. Though I suppose having to open up ports for DCOM and RPC makes the machine so vulnerable that the firewall is not of much effect at that point.
     
  7. Scoob_13

    Scoob_13 Anything is possible, but the odds are astronomica

    I'm sorry, you must have missed the rather obvious sarcasm in my post. :uh:
     
  8. EvilSS

    EvilSS New Member

    I thought it shut down by default when joined to a domain (maybe an SP2 quirk that it won't).
     
  9. Rob

    Rob OT Supporter


    I laughed when I read it. :mamoru:


    Like was said earlier, you might as well disable it through a group policy. The ports that you are going to open are the ones that are vulnerable to the rash of MS infections anyway.

    Keep the machines up to date, and hope that the virus writers stay a couple days (hours? :o) behind MS and their patches.
     
